Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
STOREUTL(1)			    OpenSSL			   STOREUTL(1)

       openssl-storeutl, storeutl - STORE utility

       openssl storeutl	[-help]	[-out file] [-noout] [-passin arg] [-text arg]
       [-engine	id] [-r] [-certs] [-keys] [-crls] [-subject arg] [-issuer arg]
       [-serial	arg] [-alias arg] [-fingerprint	arg] [-digest] uri ...

       The storeutl command can	be used	to display the contents	(after
       decryption as the case may be) fetched from the given URIs.

	   Print out a usage message.

       -out filename
	   specifies the output	filename to write to or	standard output	by

	   this	option prevents	output of the PEM data.

       -passin arg
	   the key password source. For	more information about the format of
	   arg see "Pass Phrase	Options" in openssl(1).

	   Prints out the objects in text form,	similarly to the -text output
	   from	openssl	x509, openssl pkey, etc.

       -engine id
	   specifying an engine	(by its	unique id string) will cause storeutl
	   to attempt to obtain	a functional reference to the specified
	   engine, thus	initialising it	if needed.  The	engine will then be
	   set as the default for all available	algorithms.

       -r  Fetch objects recursively when possible.

	   Only	select the certificates, keys or CRLs from the given URI.
	   However, if this URI	would return a set of names (URIs), those are
	   always returned.

       -subject	arg
	   Search for an object	having the subject name	arg.  The arg must be
	   formatted as	/type0=value0/type1=value1/type2=....  Keyword
	   characters may be escaped by	\ (backslash), and whitespace is
	   retained.  Empty values are permitted but are ignored for the
	   search.  That is, a search with an empty value will have the	same
	   effect as not specifying the	type at	all.

       -issuer arg
       -serial arg
	   Search for an object	having the given issuer	name and serial
	   number.  These two options must be used together.  The issuer arg
	   must	be formatted as	/type0=value0/type1=value1/type2=...,
	   characters may be escaped by	\ (backslash), no spaces are skipped.
	   The serial arg may be specified as a	decimal	value or a hex value
	   if preceded by 0x.

       -alias arg
	   Search for an object	having the given alias.

       -fingerprint arg
	   Search for an object	having the given fingerprint.

	   The digest that was used to compute the fingerprint given with


       The openssl storeutl app	was added in OpenSSL 1.1.1.

       Copyright 2016-2021 The OpenSSL Project Authors.	All Rights Reserved.

       Licensed	under the OpenSSL license (the "License").  You	may not	use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at

1.1.1k				  2021-03-25			   STOREUTL(1)


Want to link to this manual page? Use this URL:

home | help